zkLend Hack: $5M Stolen, Platform Offers Bounty for Return

Another day, another crypto hack. This time, zkLend, a next-generation lending protocol, has fallen victim to an attack, losing 3,300 ETH. But instead of staying silent, zkLend is taking an unusual approach – directly addressing the hacker in a public post. The platform is offering a 10% white hat bounty if the remaining 90% of the stolen funds are returned.

Will the hacker take the deal? Here’s everything we know so far.

What Went Wrong?

Blockchain security firm CertiK Alert reported that zkLend, which operates on Starknet, suffered multiple attack transactions leading to the theft of about $5 million. The stolen funds were then bridged to Ethereum through the wallet address 0x04d7191dc8eac499bac710dd368706e3ce76c9945da52535de770d06ce7d3b26.

Deadline Set: Return the Funds or Face Legal Action

According to zkLend’s statement, if the hacker complies and returns the stolen assets, the platform will waive any legal liabilities related to the attack. However, if there is no response by 00:00 UTC on February 14, 2025, zkLend has warned that it will take legal action. The team will work with law enforcement and security firms to track down and prosecute the attacker.

Securing the Fort

To prevent further risks, zkLend has suspended all withdrawal functions on its platform. The team is working with several security firms to track the stolen funds and identify how the attack happened. Their partners include:

• StarkWare Ltd
• Starknet Foundation
• zeroshadow.io (formerly Chainalysis Incident Response)
• Binance Security Team
• Hypernative Labs

• Also Read :
•   Crypto News: Alabama Man Pleads Guilty to SEC Twitter Hack
• ,

Community Reactions and Concerns

The hack has sparked concern within the crypto community. One user pointed out that due to the 12-hour withdrawal wait time on the STARK official bridge, the hacker cannot immediately transfer the stolen assets to the Ethereum mainnet. The user also stressed that the zkLend team must ensure the funds are recovered, suggesting that if they fail, it could raise suspicions of internal involvement.

Despite the breach, zkLend has assured users that it will remain fully transparent throughout the investigation. The platform has promised to release a detailed post-mortem report once the analysis is complete.

The team reassured the community that user trust remains a priority and that they are taking all necessary steps to resolve the issue as quickly and securely as possible.

Transparency, security, and trust – zkLend now faces the ultimate test in all three.